I think it would be useful for WinHost to post an Incident Report so we can harden our own website against future attacks. Information is Power. - What specifically caused the incident? WinHost tweets said it was internal sites producing massive outbound network traffic. Pretty vague. - So was it infected sites that became part of a BotNet? - What can we look for in our own sites to see if we've been infected? - are there specific site settings that will help prevent a future infection?